OpenCode SDK Development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The examples/basic-tool.ts defines a fetchUrl tool that fetches arbitrary user-supplied URLs and returns the fetched page body to the AI, so the agent will ingest untrusted public web content that could include indirect prompt injection.